A vulnerability in iOS and macOS allowed unauthorized access to sensitive user data without user consent or notification.The vulnerability exploited a flaw in Apple's TCC framework, allowing malicious apps to bypass data protections.The vulnerability involved a symlink attack, enabling attackers to redirect file operations and access sensitive files stored in iCloud undetected.Apple addressed the vulnerability in iOS 18 and macOS 15 by reinforcing symlink checks and strengthening the TCC framework.